IRC channel logs

2020-06-30.log

back to list of logs

<zimoun>NieDzejkob: thanks. I am going to read the log. :-)
<jcob>o/ again everyone
<jcob>So I got a vm spun up with the following config: http://ix.io/2qwh
<jcob>and I can't for the life of me figure out how to start gdm
<jcob>I've tried sudo herd start gdm, I've tried sudo gdm, ive tried sudo su; gdm
<jcob>when I do gdm with sudo it just hangs with no output
<jcob>I thought running gdm would start the x display server
<nckx>Where do I start debugging a Cuirass evaluation that takes hours, then fails, leaving behind an empty log file? (https://ci.guix.gnu.org/eval/14692)
<lfam>jcob: I would recommend using %desktop-services instead of %base-services if you want GDM, at least to get started
<nckx>jcob: Try %desktop-services instead of %base-, I'm sure GDM without the ratbag of other desktop services is… lightly tested, to say the least.
<lfam>Haha, like nckx said. It's a seriously complicated system, the GNOME desktop
<jcob>So nckx: do you mean just try removing it from "packages"
<nckx>Sigh. One day I'm going to afford reliable wi-fi and ninja someone else.
<jcob>ooh wait
<jcob>I dumdum sorry
<nckx>jcob: I didn't even see it there. I suspect it's pointless at best.
<bonz060>What are the right permissions for: `/etc/guix/signing-key.sec`? I'm getting a `guix publish: error: open-file: Permission denied: "/etc/guix/signing-key.sec"` after updating some server to ubuntu 18 from 16...
<bonz060>I get that ^^ after doing a `guix publish -p 8081`
<nckx>bonz060: 400 root:root
<nckx>(But on foreign distroes, things can always get interesting.)
<lfam>On my Debian I have /etc/guix/acl with permissions of 400 and owned by root
<nckx>bonz060: It sounds like you're starting guix publish as your own user instead of as root iwth the --user=unprivileged-publish-user option.
<nckx>Correct me if I'm wrong.
<bonz060>nckx: I've done that with sudo. I figured out my problem... I had not started the daemon. So I started it, and also enabled it in case I'd need to do a restart later on:)
<bonz060>nckx: Much thanks btw
<nckx>bonz060: That's a very misleading error message if starting the daemon fixes it! Unless the daemon changed the permissions.
<ryanprior>I'm getting a weird build failure, it's telling me it can't resolve github.com and then crashing when it tries to query the softwareheritage API https://gist.github.com/ryanprior/bf9cd5f24dc0e453b6a8ed9a889be41d
<ryanprior>I get this when trying to build a new version of the v package
<jcob>I have a new problem. This is my current vm config: http://ix.io/2qwl now it starts gdm, but it doesn't do anything other than show a black screen with a cursor in it
<ryanprior>my build command was: guix build -f vlang.scm
<jcob>Ah I figured it out
<jcob>needed to pass -m 2048
<jcob>:)
<nckx>ryanprior: That's what a missing /etc/services looks like. Do you have one?
<nckx>(And are the permissions not too restrictive for ‘others’…)
<ryanprior>I have an /etc/services with contents in it, it's owned by root and permissions 644
<nckx>ryanprior: And you can look up hosts just fine otherwise?
<nckx>Then, unfortunately, your situation is more interesting 😛
<nckx>ryanprior: Does ‘guix download https://github.com/robots.txt’ work?
<ryanprior>yeah other things like "guix build dash" work fine
<ryanprior>Yep that download workeed
<nckx>Hmph.
<ryanprior>I'm on Guix 4a498d0012204cf6eb56298e6c07040ed46612c3
<ryanprior>Fairly recent
<nckx>ryanprior: Could you share your vlang.scm somewhere?
<nckx>Y'know, just in case, even though it shouldn't, etc.
<ryanprior>Yeah for sure let me push it
<ryanprior>Here it is nckx https://github.com/ryanprior/guix-packages/blob/master/testing/vlang.scm#L14-L92
<nckx>ryanprior: Another sanity check: guile -c '(getaddrinfo "archive.softwareheritage.org" "https" 0)'
<nckx>If I change ‘https’ to ‘httpx’ I get a backtrace like yours, hence my /etc/services suspicion.
<ryanprior>nckx: that didn't print anything but it exited 0
<nckx>That would be good.
<ryanprior>Changing https->httpz resulted in a backtrace like you say
<nckx>Oh this is interesting
<nckx>I get the same backtrace with your vlang.scm.
<ryanprior>X.X
<ryanprior>we done broke something
<nckx>The thing that certainly shouldn't have happened…
<nckx>at least it's reproducibly weird! That's good!
<ryanprior>Another weird thing, no idea if it's related or not but
<ryanprior>See the commented out sha256 in there? I got that hash when I did "guix hash -rx" on the repo, but then guix build told me it got a different hash
<ryanprior>I re-cloned the repo elsewhere, hashed it again, still got the same hash
<ryanprior>So I could not figure out at all where it was getting the hash it gave me.
<ryanprior>Maybe it was downloading some garbage data because it wasn't connecting to github correctly?
<nckx>I found the (sha256 #f) so suspicious I commented it out. If I now get a hash error instead of a backtrace, it was to blame.
<nckx>But it's doing ‘nothing’ ATM.
<nckx>Oh there we go.
<nckx> actual hash: 0xkl8sgp302ifba6jyixn4k420940f0pvri853hxa7i7i0ddvqih
<nckx>Yeah, (sha256 #f) was fucking things up majorly.
<ryanprior>Okay but I can't reproduce that hash
<ryanprior>Shouldn't I be able to disable hashing for the package by passing #f?
<nckx>A valid concern but a different one.
<nckx>ryanprior: I'm not so sure. It's new to me. Who recommended/sanctioned that hack?
***jonsger1 is now known as jonsger
<nckx>It's possible that it used to work before sha256 was turned into backwards-compatibility macro magic.
<nckx>Magic macros tend to misbehave in ugly ways when passed ‘garbage’, even clever garbage that used to work.
<ryanprior>I wouldn't expect to ever use that in a patch I'd send upstream, but I got the idea from things that work elsewhere (like "#:tests? #f")
<ryanprior>Can you reproduce that hash btw? If you clone that repo and checkout that commit, do you get the hash it reports?
<nckx>I wouldn't expect it to work (which, again, isn't to claim it never did) because origins are content-addressed. If there's nothing to address, that doesn't go well. The URL isn't used as an identifier, just (correctly) as a hint of where to find the file with hash x.
<nckx>ryanprior: Yeah, clean git clone, reset --hard 847a1035a5cd4455af52e29940fbde3785c82df5, guix hash -rx . → 00k05gjcmbgn0a53vn61vahwj68gjm3g263yffvqcr7fxpbfirc4, the hash that Guix says is wrong…
<nckx>IDGI.
<ryanprior>yeah, same one I got & have commented out
<ryanprior>so I am at a loss where Guix is getting this hash, is something I'm doing just totally not supported?
<ryanprior>are you not supposed to use a specific commit as your version?
<nckx>Setting hash to #f is not supported AFAIK. Setting commit to a commit is fine, and I've done so in the past.
<NieDzejkob>maybe it's about submodules?
<nckx>Heh, trying to be clever with ‘guix build ….drv -K’ doesn't work.
<ryanprior>I don't think that repo has submodules, NieDzejkob
<ryanprior>`git submodule summary` doesn't show anything
<nckx>I already tried ‘recursive?’ and got the same hash, if that's what submodules means.
<nckx> https://www.tobias.gr/oh.png
<ryanprior>Also, you can `guix build v` which uses the same repo (and is already accepted upstream)
<ryanprior>I'm working on building newer versions of v, just hitting a brick wall so far though
<nckx>When in doubt, legacy crap.
<nckx>So just use 0xkl8sgp302ifba6jyixn4k420940f0pvri853hxa7i7i0ddvqih 😒
<ryanprior>Ah it's newlines? Is there not a workaround for that?
<nckx>There obviously is a broken work-around for it somewhere already, or it would simply be left alone. Something somewhere's trying to be clever while the other path (git vs. Guile-git?) isn't.
<nckx>In that image, red = git clone, green = guix build. I wish it'd been the other way 'round & I could have blamed the git CLI tool for being invasive.
<nckx>ryanprior: Using the hash that Guix produces is the workaround.
<nckx>Since we now know the difference is ‘harmless’.
<ryanprior>How do I view what the guix build checkout is so I can compare them like you did?
<nckx>ryanprior: Well, don't do like me & try ‘guix build <source>.drv -K’, that won't work. I just ran ‘guix build -f vlang.scm --source’, replaced the hash with what guix said it should be, then ran it again.
<bonz060>nckx: I agree. Though I don't know how I'd make that better were I the author.
<nckx>bonz060, ryanprior: Both of you in the mood for filin' bugs tonight?
<nckx>It's bed time for nckx.
<nckx>I'll keep the image hosted if you want, it makes the problem quite clear.
<nckx>Good night o/
<ryanprior>Good night, thanks nckx !
***catonano_ is now known as catonano
<xelxebar>Hey, Guix
***familia_ is now known as familia
<apteryx>xelxebar: heya!
<xelxebar>apteryx: Off topic, but are you from New Zealand?
<apteryx>haha! No. I just happen to like kiwis ;-)
<raghavgururajan>nckx: Shoot! It failed.
<lispmacs>I'm seeing arduino related packages, like microscheme, but not the arduino IDE. is that on purpose, or just a package that hasn't been defined yet?
<thinkpad_>where can i download guix iso images
<janneke>yay, blast from the past "Insecure $ENV{PATH} while running with -T switch at - line 1."
<guix-sucks>_|_
<guix-sucks>civodul mbakke apteryx nckx mothacehe: You all suck, just like guix.
<guix-sucks>rekado: You suck less now.
*janneke goes, thanks for letting us look inside your head -- i guess
***cjpb1 is now known as cjpbirkbeck
<luke-jr>How can I use Guix without touching anything outside of its directory, or running anything as root?
<jonsger>luke-jr: what is your goal?
<efraim>Do you mean how do you install it without root or how do you use it once it's installed?
***cjpb0 is now known as cjpbirkbeck
<leoprikler>Can substitute* handle multiple lines?
<leoprikler>e.g. (substitute* (("a\nb") "c"))
***cjpb0 is now known as cjpbirkbeck
<luke-jr>jonsger: to use Guix, without it dropping users/groups/files everywhere else in my OS
<nckx>leoprikler: Nein.
<luke-jr>also, without using any third-party binaries
<jonsger>luke-jr: it will drop files at some defined locations (e.g. /gnu/store) and it requires user and group for `guix build`. Maybe you go without the users and group, but then you can't build packages at least
<jonsger>luke-jr: I guess you mean the bootstraß binaries which will get downloaded by guix, they are required
<luke-jr>
<luke-jr>thought the whole point was bootstrapping, yet Guix itself has problems bootstrapping? -.-
<nckx>Your CPU has problems running source files.
<luke-jr>my existing OS has a working C++11 compiler etc
<luke-jr>(which I also compiled myself, but that's another story)
<jonsger>luke-jr: but I guess you relied on an compiler you had before
<luke-jr>jonsger: with sufficient steps to ensure any recursive trojan didn't survive
<nckx>luke-jr: Guix doesn't have problems bootstrapping, not sure where you got that.
<luke-jr>nckx: jonsger just said so.. [09:09:40] <jonsger> luke-jr: I guess you mean the bootstraß binaries which will get downloaded by guix, they are required
<luke-jr>although configure seems to be okay with not having them, and make is running now.. :x
<luke-jr>(and I cut off network access just to be sure)
<jonsger>luke-jr: you can build the guix "tool" directly from source without the bootstrap binaries, but you can't use guix as package manager afterwards without them...
<nckx>You shouldn't put words in other's mouths if you don't know what they mean.
<luke-jr>nckx: bootstrapping means not using any third-party binaries
<nckx>No.
<nckx> https://guix.gnu.org/blog/2020/guix-further-reduces-bootstrap-seed-to-25/
<nckx>Maybe some day, if you make a mental leap from ‘a small binary that a human can grok’ to ‘source’.
<civodul>Hello Guix!
<sneek>Welcome back civodul, you have 1 message!
<sneek>civodul, NieDzejkob says: mbakke and I would like to hear your opinion on #42132 :)
<luke-jr>nckx: that's unfortunate; I meant the normal "bootstrapping", not this redefinition
<guix-sucks>_|_
<guix-sucks>civodul mbakke apteryx nckx mothacehe: You all suck.
<guix-sucks>rekado: You suck less now.
<luke-jr>BTW, the configure check for Guile-SSH reports no fine, but the build fails without it ice-9/eval.scm:293:34: no code for module (ssh session)
<civodul>woow
<zimoun>cbaines: I have noted that from https://data.guix.gnu.org/repository/1/branch/master/package/git/output-history then click View JSON returns an error. Is it expected (feature not implemented)? Or is it a "bug"?
<civodul>luke-jr: do you see which module is causing that?
<luke-jr>[ 47%] LOAD gnu/machine/digital-ocean.scm ?
<zimoun>civodul: just one question: in ##guix-hpc, the double ## is expected? (IRC convention) Or is it a typo in your email?
<nckx>luke-jr: It sounds like what you call ‘bootstrapping’ is just ‘building’; fortunately we support that just fine 😉 Bootstrapping is what comes before you can build anything. If you have a big honking C compiler on your system you're willing to use, that's not bootstrapping, never has been.
<luke-jr>oh! good thing I came back XD
<nckx>Never leave again. We have… we had snacks somewhere.
<luke-jr>it can be hard choosing channels when you're in 120 :P
<jonsger>can others go in Icecat back to the DDG search result after clicking on one result? I get back to https://duckduckgo.com/?ia=web but not the actual result like /?q=foo
<guix-sucks>Along with GLibC and GCC, Guix should go on the list. https://suckless.org/sucks/
<luke-jr>O.o
***ChanServ sets mode: +o civodul
<efraim>jonsger: happens to me too
<civodul>nckx: what does it take again to ban that user?
<civodul>zimoun: re ##guix-hpc, i don't remember the exact convention, but yes, it works
<luke-jr>is there an easy way to exclude digital-ocean for now?
<civodul>i think we could even use #guix-hpc (single hash), which is under the control of the project
<civodul>(whereas double hash is free-style, IIRC)
<nckx>civodul: Already on it, just rusty 😉
<jonsger>efraim: it's annoying. something removes the referer or so
<luke-jr>## on freenode means unofficial
<nckx>jonsger: Same here.
<zimoun>civodul: fine. I am processing your email, tweak ## and will push right after; before lunch :-) Thanks!
<luke-jr>is it safe to `make` with -j60 or something? <.<
<raghavgururajan>Hello Guix!
<nckx>luke-jr: Should be!
<nckx>Since this is a legit Guix thing #guix-hpc would be fine. I've only ever ‘enforced’ our ‘rights’ to the #guix namespace for the channel that will not be named.
<luke-jr>seems -j60 works but doesn't actually do 60 things at once, oh well
<nckx>Either works. But I've noticed ~8 people still join #foo out of habit.
***ChanServ sets mode: +o nckx
***nckx sets mode: +gui-uc
***ChanServ sets mode: +c
***nckx sets mode: -gi
<nckx>…nope.
*kmicu is not surprised that unkind behaviour comes from a Suckless follower.
<luke-jr>lol
<lambdanon>How did you do that * <username> <Stuff>?
<lambdanon>test
<nckx>lambdanon: /me foos.
*lambdanon is grateful for the help :)
<raghavgururajan>Folks! I am trying to package this, https://bin.disroot.org/?72de60f97a03d8d8#F9wma5EBG7wmGZktJzFA2cFv2hkNEfT5K6o2raqo2tzS
<raghavgururajan>But, I get this error, https://bin.disroot.org/?690ea74a38d3ba61#3KpM1tx7Tedh4THVe85giYKYmSqLp2tbXQZHztpNoFsA
<raghavgururajan>The specified directory does not exist in the project.
<raghavgururajan>What should I do?
<kmicu>Required js to check text…
<nckx>raghavgururajan: Teach the build system not to run tests that assume .git exists (many build systems auto-detect that, this one fails but might have a flag).
<raghavgururajan>nckx: The error was despite .git, that is without git-minimal as native-inputs.
<raghavgururajan>kmicu: Oh shoot! I keep doing that as a habit. But it's free js though.
<nckx>raghavgururajan: Are you saying that the ‘fatal’ is a lie and .git's absence is irrelevant? Even without git(-minimal) someone can poke it and fail.
<raghavgururajan>nckx: The build/test script trying to load rake/testtask, which does not exist in the project.
<nckx>raghavgururajan: I don't mind the JS (and am sympathetic to the software), but encryption's overkill for code snippets & it breaks ‘curl URL >foo.scm’.
<raghavgururajan>It appears, loading of rake/testtask is common in ruby-based projects.
<nckx>I dunno, I'm still building it.
<nckx>I dunno, I don't dev Ruby.
<luke-jr>the encryption is a lie too
<nckx>AARGH even the ‘RAW text’ saves HTML.
<nckx>Where's my webapp whackin' stick.
<nckx>luke-jr: Ooh, tell me more. I didn't read the code.
<raghavgururajan>kmicu nckx luke-jr: https://paste.debian.net/plain/1154465
<raghavgururajan>luke-jr: What do you mean encryption is a lie?
<nckx>raghavgururajan: Thanks! I'm still building ruby-tilt.
<luke-jr>nckx: it's more low-level than that: at any time, the server can just dish you up some JS that sends it the key
<luke-jr>it's why _any_ webapp is fundamentally trusting the server
<raghavgururajan>luke-jr: Oh yes, that is correct and applies to any web application.
<kmicu>raghavgururajan: That’s nice it’s libre but, personally, I would prefer to preview it in Emacs/w3m than to start a js‑powered browser, lost 500MB of RAM, turn on js and look it up only to read handful lines of text. Linking to plain text is more accessible so more folks are able to help.
<raghavgururajan>luke-jr: In this case, I personally trust the sysadmin. :-)
<luke-jr>raghavgururajan: then HTTPS is sufficient ;)
<luke-jr>(and if you don't trust the cert-issuer, you're back to the same problem with the JS being MITM'd)
<raghavgururajan>> luke-jr‎: raghavgururajan: then HTTPS is sufficient ;)
<raghavgururajan>Yeah, for paste code, no encryption is needed. It is just that I use disroot for all my things and became a habit. xD
<kmicu>In this caes it dosen’t matter because I know nothing about ruby‑build‑system 😺
<nckx>Sure, fine, I was expecting something more juice than ‘will noticeably phone home with the key’. 😛
<nckx>y.
<raghavgururajan>> Linking to plain text is more accessible so more folks are able to help.
<raghavgururajan>kmicu: I agree.
*jonsger filed http://issues.guix.gnu.org/issue/42134 for DDG vs. Icecat efraim & nckx
<nckx>Thank you jonsger.
<nckx>raghavgururajan: But does ‘require 'rake/testtask'’ mean ‘look for a rake/testtask directory in $PWD’? That's a big leap, if an understandable one.
<nckx>Adding ruby-rake didn't change things.
<raghavgururajan>nckx: I have no idea about that.
<raghavgururajan>I tried with ruby-rake too.
<raghavgururajan>As far as I understand, "require rake/testtask" is like "include foo.h" in C/C++.
<nckx>Something like that, but even C/C++ has ‘#include <…>’ which goes on a magical journey through your file system.
<luke-jr>[09:41:33] <luke-jr> is there an easy way to exclude digital-ocean for now?
<rekado_>nckx: Ruby’s “require” also accepts relative file names
<leoprikler>what do you even want to exclude? If you don't need it, don't use it
<leoprikler>It's just Scheme code, nothing harmful
<rekado_>but “rake/testtask” isn’t one
<nckx>Plus, it can (I maintain) be read as ‘while loading rake/testtask, git failed, so we report an error loading it’. Loading, not finding. 🤷 again I don't Ruby.
<rekado_>rake/testtask just means that the Rake::TestTask module is supposed to be used
<rekado_>should be part of rake, though, so adding ruby-rake should be enough
<nckx>slim.gemspec: s.files = `git ls-files`.split("\n")
<nckx>rekado_: ruby-rake is already there. So my hypothesis is credible?
*raghavgururajan 's head is spinning
<raghavgururajan>rekado_ But.. we tried adding ruby-rake and didn't work.
<rekado_>nckx: is “slim” the gem that is supposed to be built?
<nckx>It says ‘rake aborted’. Why would that not be a horrible fatal error that causes module *loading* to fail, regardless of whether they're *found* or not.
<nckx>rekado_: Yes.
<rekado_>ah, I only just saw the error message
<rekado_>yes, the problem is that we don’t have .git, which is needed for git ls-files
<nckx>rekado_: https://paste.debian.net/plain/1154466
<rekado_>I’d patch the gemspec to include a literal array of file names
<nckx>I'm not 100% sure it's equivalent but it gives no error either way. Disappointing.
<rekado_>nckx: looks good to me
<raghavgururajan>nckx: Thanks! Let me try that.
<nckx>find -type f is equivalent, find bin isn't (it produces bin/slimrb where git prints slimrb), sigh. More patching…
<raghavgururajan>rekado_ Tahanks!
<raghavgururajan>*Thanks!
<nckx>(("git ls-files -- bin/\\*") "echo slimrb")
<nckx>Still the same error.
<nckx>‘rake aborted!’
<nckx>That's it. Thanks!!!!
<raghavgururajan>nckx: I got the same error.
<nckx>We've all got the same error. It's the only error that thing seems able to produce. It's the universal error.
<raghavgururajan>LoL
<nckx>error: uh oh.
<nckx>I wonder if it's siphoned off to a log file somewhere.
<raghavgururajan>nckx: I'll just do `#:tests? #f` then. Atleast, for now.
<nckx>I was just writing that.
<nckx>Then find someone who likes Ruby to help you debug the tests.
<nckx>They will shout less.
<raghavgururajan>It builds fine with tests disabled, I tried.
<nckx>Same here, but I gave it way too many inputs.
<nckx>And no git (although I think git is still present in the build environment regardless).
<nckx>raghavgururajan: What's this building up to?
<raghavgururajan>What do you mean?
<nckx>I assume this is a dependency of something else?
<raghavgururajan>Ah yes, ruby-asciidoctor
<luke-jr>leoprikler: it's causing the build to fail because it wants Guile-SSH
<raghavgururajan>nckx: I also got stuck with another package. libmpeg3. https://paste.debian.net/plain/1154471
<raghavgururajan>nckx: I also got stuck with another package. libmpeg3. https://paste.debian.net/plain/1154471
<raghavgururajan>Oops, sorry, gajim's fault.
<nckx>luke-jr: Start by removing it from gnu/local.mk and (…oh dear, another meaning) re-bootstrapping the build system.
<raghavgururajan>I removed the bundled a52dec-0.7.3
<nckx>But who knows what else wants guile-ssh.
<jonsger>hm mate is broken for me :(
<raghavgururajan>But a52.h is not being detected, despite adding liba52 as input.
<leoprikler>copy and offload also want it
*janneke thinks ./bootstrap should be renamed ./autogen.sh
<leoprikler>but yes, digitial-ocean is the problem ;)
*nckx agrees.
<raghavgururajan>janneke: +1
<leoprikler>tbh I'm fine with either
<nckx>raghavgururajan: Where (.scm) should I add that snippet so I don't have to import eleventy modules?
<raghavgururajan>nckx: video.scm
<nckx>Thanks.
*nckx .oO …did patches hurt you as a child, they don't bite…
<luke-jr>anything special I'm going to need to be aware of using --with-courage btw?
*raghavgururajan LoLs
<nckx>luke-jr: Besides the obvious? No. Why? I've only seen it appear on unsupported architectures.
<luke-jr>nckx: my PC is an unsupported architecture
<NieDzejkob>I'm curious. What architecture?
<NieDzejkob>hmm. I'd guess POWER.
<luke-jr>yes, POWER9
<jonsger>luke-jr: there are patches for guix on powerpc64 (big endian)
<luke-jr>hrm, I run LE - it won't just work? :/
<nckx>‘Just work’ is a lot of work…
<nckx>raghavgururajan: It allows setting A52DIR but then enforces A52DIR/include/a52.h, while liba52 has A52DIR/include/a52dec/a52.h .
<luke-jr>nckx: for the CPU, but most software builds fine
<nckx>Most.
<luke-jr>ironically not the one I'm targetting (rustc), but that's why I'm trying to do it in Guix ;)
<luke-jr>(also to learn Guix, since someone suggested using it instead of gitian)
<raghavgururajan>nckx: Ah, so should I patch the source to replace A52DIR/include/a52.h with A52DIR/include/a52dec/a52.h and set A52DIR as configure-flag?
*janneke is considering filing bug to automake
***ChanServ sets mode: +b guix-sucks!*@*
***guix-sucks was kicked by ChanServ (Banned: spam)
***guix-sucks-even- was kicked by nckx (guix-sucks-even-)
<guixsucks>Hehe
***guixsucks was kicked by nckx (guixsucks)
<NieDzejkob>luke-jr: hmm, our bootstrap chain only works on x86_64 for now...
<nckx>That hehe makes it so much sweeter.
<luke-jr>NieDzejkob: not even ARM? :\
<NieDzejkob>I'm hoping to get it working on i686, armhf and aarch64 with the next release of mrustc
<raghavgururajan>Woah. who is that?
<nckx>Someone who doesn't like free software.
<NieDzejkob>what did they complain about?
<guixsucks_>Along with GLibC and GCC, Guix should go on the list. https://suckless.org/sucks/
<guixsucks_>Along with GLibC and GCC, Guix should go on the list. https://suckless.org/sucks/
<NieDzejkob>why?
***guixsucks_ was kicked by nckx (guixsucks_)
<nckx>NieDzejkob: Nothing, AFAIK. You give them too much credit. They just spam the channel.
<jonsger>luke-jr: the problem with ppc64le is the required version of gcc/glibc (6.x or 7.x) which is not so easy to bootstrap because of c++ everywhere...
*raghavgururajan face palms
***nckx sets mode: +r
<luke-jr>jonsger: Guix can't handle newer versions? I don't follow
<raghavgururajan>Are they complaining about something mentioned on suckless.org?
<nckx>No 😃
<jonsger>luke-jr: no, guix has newer gcc versions but bootstrapping a new architecture isn't so easy...
<nckx>raghavgururajan: I think they're sympathetic to it.
<luke-jr>jonsger: can't I skip to the most recent?
<luke-jr>jonsger: my native OS has 9.3.0 already
<NieDzejkob>nckx: freenode supports wildcard bans, how about *sucks*?
<raghavgururajan>nckx: Hmm. I wonder what is wrong with glibc and gcc.
<nckx>luke-jr: Guix doesn't allow you to avoid the bootstrap like that.
*raghavgururajan thinks about IP ban.
<nckx>raghavgururajan: Oh oh! I can guess! Does it contain the word ‘bloat’? Do I win?
<raghavgururajan>nckx: LMAO!
<luke-jr>nckx: why not? it's not like starting at an older GCC is any different..?
<nckx>NieDzejkob: I know, but I felt uncomfortable doing that :-/ We're don't enforce happiness & sunshine, just basic levels of decency.
<nckx>luke-jr: I think your worldview is so radically different from mine that I can't think of a response in time. Maybe janneke can. /me → AFK.
<janneke>nckx your response to luke-jr was fine, please read => https://guix.gnu.org/blog/2020/guix-further-reduces-bootstrap-seed-to-25/
<luke-jr>
<janneke>luke-jr: the dependencies of guix packages form an acyclic graph
<janneke>not just "injecting binaries" is a feature
<luke-jr>janneke: gotta start somewhere. A set of blobs, no matter how small, is worse than using what's already available.
<NieDzejkob>luke-jr: you may reproduce the blobs
<luke-jr>NieDzejkob: that doesn't help - recursive trojans would survive that..
<NieDzejkob>luke-jr: with your already-blessed compiler
<luke-jr>oh
<luke-jr>well, then we're back to the GCC being too old for my computer
<janneke>yes, that's a problem that's mostly being ignored; we're are doing the work and raising awareness
<janneke>much yet to be done, though
<NieDzejkob> https://lists.gnu.org/archive/html/guix-devel/2020-02/msg00346.html
<raghavgururajan>nckx: I just read the following lines on their site. I have to admit though its true.
<raghavgururajan>Ingenious ideas are simple. Ingenious software is simple. Simplicity is the heart of the Unix philosophy. The more code lines you have removed, the more progress you have made. As the number of lines of code in your software shrinks, the more skilled you have become and the less your software sucks.
<raghavgururajan>nckx: Anyway, that person who spammed us was an idiot.
<efraim>IIRC the main problem for PPC64le is glibc-2.31. I have a patchset for 32-bit PPC which might also work for PPC64le
<NieDzejkob>there is some truth to it, but some complexity is unavoidable
<raghavgururajan>> NieDzejkob‎: there is some truth to it, but some complexity is unavoidable
<raghavgururajan>True! but it can be kept to minimum.
<bricewge> Hello Guix!
<raghavgururajan>bricewge, o/
<bricewge>I have some issue with modifying a variable that return a computed file into a procedure that return a computed file
<bricewge> https://paste.debian.net/1154481/
<luke-jr>janneke: is there a reason to not just do the LLVM+GCC trick to eliminate the trusting trust attack?
<NieDzejkob>luke-jr: then you need a binary of both llvm and gcc you can semi-trust
<bricewge>I'm probably misunderstood how Gexps work, every time I try to modify such code I get bogged down
<NieDzejkob>most likely, your llvm was compiled with gcc by the distro you're using
<NieDzejkob>and then, what's to stop a trojan recursively backdooring both compilers? Both source codes are public...
<NieDzejkob>this is why a true bootstrap is preferred
<NieDzejkob>bricewge: #$ is pretty much unquote, so you'll have (for-each (match-lambda ...) (("iPXE" ...) ...))
<luke-jr>NieDzejkob: no, you can just use the system compiler
<NieDzejkob>try (for-each ... '#$images)
<NieDzejkob>luke-jr: why do you trust the system compiler?
<luke-jr>NieDzejkob: I compiled it
<NieDzejkob>why do you trust the compiler you used for that?
<luke-jr>I don't, but it was a foreign architecture
<luke-jr>and eventually goes back pretty far
<NieDzejkob>if one cares enough to write a recursive trojan, why would you not take cross-compiling into account?
*nckx back
*luke-jr ponders when he last used third-party binaries
<nckx>[cheap quip] If your answer isn't ‘every damn day’, examine your premises.
<NieDzejkob>if I were to write a compiler backdoor, I'd choose a layer that's independent of the architecture anyway
<luke-jr>NieDzejkob: true, but you'd need to have infected me a long long time ago
<raghavgururajan>nckx: Should I patch the source to replace A52DIR/include/a52.h with A52DIR/include/a52dec/a52.h and set A52DIR as configure-flag?
<NieDzejkob>luke-jr: why is an attack a long time ago less likely?
<NieDzejkob>luke-jr: besides, have you read the source of all the software you're using? a backdoor like that would be less sophisticated and probably more reliable
<bricewge>NieDzejkob: Thanks! Changing “#$images” into “'#$images” solved it
<NieDzejkob>glad to help
<nckx>raghavgururajan: You need to do all kinds of things. Set A52DIR (if not in configure- then in make-flags), patch out ‘include Makefile.a52’, make it (plan A) link to liba52.so instead of trying statically or (plan B) make it use liba52.a from Guix.
<bricewge>Now the hard part is not forgetting it, I don't know why I can't grasp that #$ also unquote
<NieDzejkob>"also"?
<NieDzejkob>oh, I think I see
<NieDzejkob>Have you seen ludo's talk on G-Exps?
<NieDzejkob>wait, that wasn't ludo.
<raghavgururajan>nckx: Cool!
<NieDzejkob>anyway, this is pretty much the best docs for g-exps there are: https://fosdem.org/2020/schedule/event/gexpressionsguile/
<NieDzejkob>I believe that the author of the G-Expressions info page was already cursed by their knowledge when they wrote it
<nckx>raghavgururajan: https://paste.debian.net/plain/1154483
<bricewge>NieDzejkob: I'll watch it again
<rekado_>NieDzejkob: you amy also find Ludo’s paper on G-expressions enlightening
<bricewge>I think my issue is that I equate #$ to "evaluate this from the host side"
<rekado_>there’s this recurrent theme of people recommend *something* to be done to prevent bugs or run-time problems alongside the problem report
<rekado_>I find this curious
<nckx>rekado_: Something being defined (oh, say, test suites with foreign distroes) or literally ‘do something’?
<janneke>automake check: ~2h30 -- bloody ridiculous
<rekado_>nckx: often it just seems like a literal “do something” as no concrete proposals are made; it’s just “this shouldn’t happen”. Hard to argue with that.
<rekado_>I think this is the result of an attempt to vent frustration into helpful criticism
<nckx>raghavgururajan: You'll have to use make-flags by the way; ./configure is just a check for nasm → echo success.
<civodul>NieDzejkob: i think the author of that section in the manual would gladly take suggestions :-)
<civodul>but it's truly a problem, i guess
<civodul>not realizing that you're head-down in your think and writing things that are barely understandable
<zimoun>rekado_: is it possible to check if SELinux is up? Because it could help to report hints and so decreases the frustation.
<civodul>Chris' talk on gexps was great in my view
<mothacehe>bricewge: this works for me: https://paste.debian.net/1154485/
<mothacehe>not far from what you suggested, turned images to '#$images
<zimoun>civodul: is it expected that hpc.guix.info takes so long to rebuild? Or do I screw up something?
<civodul>zimoun: you broke it all!
<civodul>:-)
<civodul>lemme see
<mothacehe>bricewge: wrong paste: https://paste.debian.net/1154487/
<nckx>Guix isn't very defensive and takes a ‘not a/our bug’ approach in cases where I personally agree on principle, but alienates others. Not the best example but something I wanted to ask anyway: sure, ‘sudo -E guix pull’ is Wrong, but how about adding a sanity check that $USER owns the files whose permissions we're about to clobber? Surely it's a sign that something's up.
<nckx>Would that be acceptable?
<rekado_>I think this sounds good.
<rekado_>zimoun: maybe. You can run getenforce, but you’ll need the SELinux tools for that.
<rekado_>zimoun: on a system with SELinux they should be available, so we could try to run them and ignore errors when they cannot be found.
<apetresc>Out of curiosity, what software is logs.guix.gnu.org using to render the logs?
<zimoun>rekado_: thanks for the explanations. Yes, it could be an option. And maybe adds an explanation in the manual at point #5 about SELinux, I mean what you explained in the email.
<rekado_>apetresc: it’s called Guile
<rekado_>apetresc: https://git.savannah.gnu.org/cgit/guix/maintenance.git/tree/hydra/goggles.scm
<apetresc>rekado_: Thanks! :)
<zimoun>civodul: do you have fixed? Or does it automagically update?
<civodul>zimoun: i had to run it manually, go figure
<civodul>looks like mcron still goes wrong after some time
<civodul>someone should take it over :-)
<zimoun>civodul: thank you!
<nckx>raghavgururajan: Use #:make-flags (list (string-append "DST=" (assoc-ref %outputs "out") "/bin") […]) instead of monkey patching. You'll need to keep the mkdir of course.
<bricewge>mothacehe: Thanks, that's what I ended up doing after a nudge from NieDzejkob
<mothacehe>bricewge: my advice to gexp issues is to open the xxx-builder file in the derivation and have a look to what's going on
<nckx>raghavgururajan: Done https://paste.debian.net/plain/1154489
<lambdanon>Heya, quick question - Is the (operating-system) construct only available to people running shepherd, or is it generally used on any Guix install
<bricewge>mothacehe: Great tip, I was just debugging in the dark before, reading the builder file make the issue strikingly clear!
<mothacehe>lambdanon: no you can use the operating-system contruct to create a disk-image, a vm-image (between other things) from a foreign distribution.
<mothacehe>(i.e a non-Guix System distribution)
<raghavgururajan>> ‎nckx‎: raghavgururajan: Use #:make-flags (list (string-append "DST=" (assoc-ref %outputs "out") "/bin") […]) instead of monkey patching. You'll need to keep the mkdir of course.
<raghavgururajan>IIRC, I tries DST as make-flag and did not work.
<raghavgururajan>> nckx‎: raghavgururajan: Done https://paste.debian.net/plain/1154489
<raghavgururajan>Thank you!
<clodeindustrie> hi, would anyone have pointers on how to debug a shepherd service? I have followed this https://guix.gnu.org/blog/2020/gnu-shepherd-user-services/ ot create a syncthing service but it's not working
<nckx>These VMs/images will all run a Shepherd instance to start your operating-system's services, though. Guix doesn't know how to create a System with other inits. But your host can run anything.
<lambdanon>I see - I ask because I'm making a hyperbola install and I'm thinking of using Guix as much as possible. I saw that in operating-system, there's a bootloader and target argument, and that made me wonder whether things like GRUB_CMDLINE_LINUX_DEFAULT are available from the bootloader
<nckx>raghavgururajan: Compare it to mine, then, I guess 🙂 It works fine.
<nckx>There's no mkdir anywhere in the Makefile, so that needs to stay.
<nckx>(Well, there is, but not relevant.)
<raghavgururajan>nckx: Cool@
<nckx>lambdanon: GRUB_CMDLINE_LINUX_DEFAULT is part of the (IMO) horrible ‘meta’ GRUB set up, that uses a shell script to generate a shell script that… So, no, not under that name. What is it ‘actually’, and what are you trying to do?
<zimoun>civodul: done. Spread the news :-)
<lambdanon>@nckx I'm trying to set up LVM on LUKS with the following setup:
<lambdanon>
<nckx> https://askubuntu.com/a/780545 makes it sound like something very riged based on ‘normal’ and ‘recovery’ boots which Guix doesn't follow at all.
<lambdanon>1 Root partition, 1 swap partition, one home partition on a LUKS partition, with a separate /boot partition
<nckx>*rigid.
<lambdanon>Btw how do you reply to someone in IRC?
<nckx>lambdanon: You just type their nick, then a colon, then your message.
<lambdanon>nckx: Thanks :)
<nckx>Their client will highlight it, like yours presumably does.
<nckx>Most support tab-completion, I'm not crazy enough to type lambdanon, I type la<Tab> 🙂
<lambdanon>nckx: Looks like ERC supports that, nice
<lambdanon>So if the _DEFAULT meta-system is horrible, why is it that Arch installation tutorials recommend putting cryptodisk stuff on there and not on plain old GRUB_CMDLINE_LINUX?
<lambdanon>(Actually this is probably better asked on the arch chat, I'll head there)
<civodul>zimoun: done!
<zimoun>civodul: cool! Thank you
<civodul>we'll have to be preprared now :-)
<nckx>lambdanon: That was my own opinion! I've always found it horrible, years before I used Guix. So I never used it, I've always configured GRUB directly using grub.cfg. The GRUB_foo abstraction hell is surely useful for distros that want to magic away all that, at the expense of incomprehensible (again IMO) complexity.
<nckx>lambdanon: Unfortunately… There are very hacky ways to boot Guix off of a separate /boot partition but it's best to regard it as unsupported.
<clodeindustrie>I should probably read the doc first...
<lambdanon>So what is the recommended way to set up a Guix system on a LUKS+LVM arch fork? Currently my plan is to install the base system, core utils, and GRUB using pacman, then using `guix system` on top of the base system
<zimoun>civodul: héhé! BTW it can be seen as the first experiment for virtual meeting as we discussed on guix-europe recently. ;-)
<civodul>sure!
<nckx>raghavgururajan: Self-nitpick: https://paste.debian.net/plain/1154494 (no use including depend.a52 noise even if it's unused).
<nckx>lambdanon: Oh… Guix System is a Linux distribution, it can't really run ‘on top of’ another. It's like asking how to install Ubuntu on CentOS.
<nckx>Guix the package manager works fine, but only installs, well, packages. Not OS-level services.
<nckx>If that comparison sounds silly then I apologise & don't understand your goal.
<lambdanon>Nah, that totally makes sense
<mothacehe>nckx: jfs-root-os test is failing with https://paste.debian.net/1154496/, does it look familiar to you?
<NieDzejkob>I use an encrypted Guix System, ext4 directly on LUKS + swapfile
<NieDzejkob>+ /boot/efi on fat32
<lambdanon>Ok, new plan - I'll do something similar to that, but use btrfs subvolumes
<nckx>mothacehe: Er, no, not at all. Is that a recent regression?
<nckx>AFAUK?
<civodul>for the scientists or research software engineers among us → https://hpc.guix.info/blog/2020/06/reproducible-research-hackathon/
<mothacehe>dunno, installation test were all failing for a while, due to a subtile pile of bugs. Everything should be fixed except this one. As you added it, I was just asking out of luck :)
<mothacehe>*tests
<civodul>great work, mothacehe!
<civodul>fixing all these issues
<mothacehe>thanks civodul :)
***cjpb0 is now known as cjpbirkbeck
<lambdanon>The Guix SD installer seems to be taking ages to install jbig2sec
<lambdanon>*jbig2dec
<janneke>\o/ nghttp2 builds on the Hurd
<lrssi>Has anyone packaged metasploit in Guix? I am preparing to replace kali livecd with Guix System.
<rekado_>lambdanon: are you downloading substitutes from ci.guix.gnu.org? Or building everything from source?
<lambdanon>I'm using the ncurses installer provided by the iso
<lambdanon>Does that compile by default?
<lrssi>In fact, you don't have to worry about these things, guix gc may clear them.
<lrssi>lambdanon: ^^
<rekado_>?
<rekado_>lambdanon: the installer should download from ci.guix.gnu.org
<rekado_>I suggest to keep the initial system simple so you can install it quickly
<rekado_>you can always reconfigure later
<lambdanon>I mean, I didn't choose to install it :P It was part of the base install
<lambdanon>No matter, it's done now
<nckx>janneke: Cool! That unlocks a lot, right?
<janneke>nckx: yep, we should have "guix package --bootstrap --install gcc-toolchain@7"... testing right now
<janneke>that will help debugging the daemon, which helps getting "guix gc" to work
<janneke>which will allow us to run Childhurds on more build nodes
<civodul>hey comrades! feedback welcome on https://issues.guix.gnu.org/42048 !
<NieDzejkob>nikita`: Hi, was it you who mentioned a potential pentesting channel on the mailing lists one day? Is that a thing now? :P (re: lrssi's question about metasploit)
<rekado_>civodul: looking at it now
<civodul>thanks rekado_
<civodul>BTW, i also take feedback on the draft post i pushed to guix-artwork recently, about commit authentication :-)
<civodul>maybe we can publish tomorrow
<lambdanon>Had an error when running the guix installer, where python3.5.7 failed to build
<rekado_>3.5.7?
<rekado_>that’s rather old
<rekado_>the latest version of Guix comes with version 3.8.2
<rekado_>also, it sounds suspicious that you had to build Python at all
<lambdanon>Yeah, I thought that too. Even stranger was that it was a dependency for glibc
<lambdanon>But the GPG signature was good
<lambdanon>For the ISO, that is
<rekado_>unfortunately, the latest glibc does require Python to run its test suite :-/
<rekado_>but this also indicates to me that you’re building way too much from source
<rekado_>you wouldn’t need Python when you download the glibc binary
<rekado_>you only need Python to build it from source (to run the tests)
<lambdanon>I didn't decide to build from source - it was what the installer did by default
<mothacehe>lambdanon: You used the guided install or the manual install?
<rekado_>I understand, but that’s not what the installer does by default. So maybe something went wrong along the way
<rekado_>one possibility is that you can’t connect to ci.guix.gnu.org for some reason
<lambdanon>mothacehe: I did the guided install
<mothacehe>Ok, did you edit the final operating-system file?
<lambdanon>Not at all, I just did the root password, added a user, and set the partition manager to go for the guided encrypted install
<mothacehe>Alright then something wrong is happening as rekado_ said.
<mothacehe>Any chance you lost Internet access at some point?
<nikita`>NieDzejkob: beats me. I had some offensive and defensive security packages, I have many things I didn'gt upstream to guix and probably never can because working on 2 systems is not possible with everything else going on in my life + work etc. i don't really care, like packaging and porting is a skill most people can pick up. if someone would pay me for doing it, sure. i don't know if I mentioned such a
<lambdanon>Maybe? It has been patchy - I'll retry the install and see if the ethernet gets activated
<nikita`>channel.
*nikita` searches her package repos
<mothacehe>lambdanon: ok, keep us informed :)
<lambdanon>Got hit with an error: /No ethernet service available, please try again./
<rekado_>lambdanon: :-/
<nikita`>o metasploit here but I think I'm going to put fixing up the one in pkgsrc-wip on my todo list
<nikita`>*no metasploit
<nikita`>where here means guix compatible packaged
<lambdanon>Going to try with my wifi
<rekado_>the nscd will cache failures, so patchy network can result in longer outages, because nscd just won’t retry
<nikita`>NieDzejkob: it's a load of ruby stuff, should be managable in time for anyone.
<lambdanon>Wifi's also having troubles - it's not asking for the WPA PSK
<mothacehe>lambdanon: yeah that's a known bug of the 1.0.1 installer :(
<mothacehe>I can give you the link of a development version of the ISO installer if you want
<lambdanon>If that's fixed known bugs, it would be greatly appreciated :)
<lambdanon>Wait a sec, my ethernet indicators are up, I'll see if using ethernet will work
<lambdanon>Online :D
<mothacehe>Ha! (otherwise: https://ci.guix.gnu.org/download/10)
<lambdanon>I've realized what might have caused my problems when connecting to ci.guix.gnu.org. When I saw the "Tor Anonymous Network Router", I thought "Cool! Does this mean that net traffic would be routed through Tor by default? I'm switching that on."
<mothacehe>hehe, hope it will work better this time!
<lambdanon>Nope, same problem
<mothacehe> You mean at network step? Or the glibc/python build problem?
<lambdanon>The glibc/python step
<lambdanon>I'm going to try following the steps on the libreboot page and manually install
<lambdanon>Actually I'll try the Dev ISO
<lambdanon>Is it verified with the same signature as the stable ISO?
<mothacehe>No the mechanism publishing dev images is brand new and there are no signature/checksum available right now
<mothacehe>You can also build your own ISO but it require to install Guix first
<mothacehe> https://guix.gnu.org/manual/en/html_node/Building-the-Installation-Image.html
<lambdanon>Btw there's a problem with libreboot's instructions - `ifconfig <ethernet interface> up` doesn't seem to enable my ethernet interface
<lambdanon>`ip link set <interface> up` also doesn't work
<lambdanon>Wait a sec, did the Guix installer screw up my ethernet persistently? Tried the hyperbola installer, and my ethernet stopped working there too. Had to reboot to get it working again
<rekado_>lambdanon: the Guix installer can’t really screw up your ethernet interface.
<lambdanon>Sorry, was jumping to conclusions
<rekado_>lambdanon: no worries. Many of us have been in situations where the improbably seemed the most likely culprit.
<rekado_>*improbable
<lambdanon>Yeah. I think what threw me off was that I tried installing guix a year ago and ran into the same problem
<lispmacs[work]>hi, I'm wanting to play around with Gnu Shepherd user services, like in the blog, but one thing not mentioned in the blog post is what facility should be used to start the user instance of shepherd
<lispmacs[work]>I could start it manually of course after logging in, but that would be silly. Is there someway I should start that automatically on login?
<NieDzejkob>I believe you're intended to integrate it into your login manager
<NieDzejkob>~/.xsession, for example
<efraim>there's something magically bad about presentty that I can't insert it into any pre-existing module
<leoprikler>textutils?
<leoprikler>hmm, maybe not
***jonsger1 is now known as jonsger
<nckx>smalltalk.scm?
<GNULinuxPay>I'm selling GNU/Linux licenses. $99 for single user, $49 for each computer if purchasing for 25 or more machines. Bitcoin payment only!
***GNULinuxPay was kicked by nckx (GNULinuxPay)
<nckx>ffs.
<GNULinuxPay>(still active)
***GNULinuxPay was kicked by nckx (GNULinuxPay)
***ChanServ sets mode: +b *GNULinuxPay*!*@*
***GNULinuxPay was kicked by ChanServ (Banned: spam)
<nckx>I guess high school's out for summer again.
<janneke>if that's so, then that high school's feedback loop is broken
<efraim>sneek: later tell civodul the pipeline passed https://gitlab.inria.fr/guix-hpc/guix-past/-/pipelines/154720
<sneek>Got it.
<efraim>sneek: botsnack
<sneek>:)
<zimoun>efraim: nice! From where the Guix used by the CI comes from?
<efraim>zimoun: I think ludo said that the gitlab runner is on a machine which already has guix installed so it's available in the CI
<jcob>Hey guys I'm having the most bizzare error using a disk-image of guix on a virtual machine. Whenever I try to access a website, it says "connection not secure"
<jcob>when configuring guix do you have to install TLS certificates or something?
<zimoun>efraim: thanks
<janneke>so, we now have a tool to edit hosts files?
<nckx>janneke: We do. Might be useful on foreign distroes.
<jcob>OK figured it out, just had to install certificates and setup env vars
<janneke>nckx: i see, interesting...
<janneke>nckx: maybe the description could mention that, wdyt?
<mbakke>nckx: oo, thanks for updating ceph
<mbakke>now that I have Ganeti, it should be easy to spin up a virtual ceph cluster for testing :)
<nckx>janneke: It didn't occur to me & I'm lukewarm about it but go for it. There's a lot of stuff in Guix that works, at the very least, ‘differently’ on Guix System, it's not something I expect to see documented.
<mbakke>janneke: do you know the story with static linking on the Hurd?
<nckx>mbakke: YW! CVEs are a wonderful motivator.
<janneke>nckx: hmmmokay, you're probably right
<janneke>mbakke: what story?
<mbakke>janneke: why openssl:static was needed for nghttp2, for example
<mbakke>IIRC libpython.so with my cross-patch was also statically linked
<janneke>mbakke: ah, openssl upstream does not support shared libraries
<mbakke>oh
<janneke>mbakke: they have their own, "home grown" configure system
<janneke>iow, openssl needs hurd love
<janneke>mbakke: that having said, we've seen bugs with creating shared libraries in the toolchain, so that may be helping to confuse things. all seems fine on the hurd, be it static or shared
<mbakke>janneke: I see, good that hurd is not alone :-)
<janneke>also, the hurd has some libc additions, libhurduser, libshouldbeinlibc, etc.
<janneke>that should be transparent now, but some of it feels a bit fragile
<jcob>Hey real quick when I try to use this package I wrote http://ix.io/2qAI
<jcob>the executable goes to libexec
<jcob>does anyone know how to get that added to the path?
<jcob>ty
<mbakke>jcob: (symlink "../libexec/foo" "./bin/foo") ?
<mbakke>that said, does it have to in PATH?
<jcob>yes, it ought to be in PATH
<jcob>or at least, I want to be able to execute it via a service eventually
<mbakke>jcob: for service execution you can just do #$(file-append xdg-desktop-portal "/libexec/foo")
<jcob>thank. where would that expose the file?
<jcob>or ooh
<jcob>you would do that in the service itself?
<mbakke>jcob: indeed, it's a G-expression that expands to the absolute file name, you will learn a lot more about gexps once you start writing the service :-)
<jcob>:)
<mbakke>ooh, so one can add git[hublab] PR's as remote branches by stuffing "fetch = +refs/pull/*/head:refs/remotes/upstream/pr/*" into the .git/config
<mbakke>errh, normal people would use origin where I put upstream
<janneke>nckx: pushed an update
<janneke>editng hosts was one of the first things i tried to do and made me curse guix; i would like to avoid confusing newcomers even more ;-)
<janneke>mbakke: missed this, what do you mean here? "<mbakke> IIRC libpython.so with my cross-patch was also statically linked"
<mbakke>janneke: nvm, I was just confused :-)
<janneke>hehe
<janneke>consider sending a patch ;)
<mbakke>lol
<mbakke>that reminds me, I don't think I pushed it yet
<mbakke>janneke: you can edit /etc/hosts on Guix System though, but the changes will get reset the next reconfigure/reboot :-)
<mbakke>I submitted the Python fix here, maybe it will get merged in Python 3.20 or something: https://github.com/python/cpython/pull/21218
<mbakke>also, it' on master now
<janneke>mbakke: \o/
*rekado_ wonders if libressl has the same problem
<alextee[m]>has anyone figured out how to type japanese with gnome yet?
<alextee[m]>i'm selecting the japanese input but it only works in specific apps/places
<alextee[m]>using anthy
<alextee[m]>in other places it inputs english even though i have japanese selected
<alextee[m]>works in the gnome search bar for example
<alextee[m]>i dont remember having this issue on other distros even when using gnome
<alextee[m]>let me try chinese just to see if that works
<alextee[m]>no doesnt work at all (not sure how to type chinese though)
<alextee[m]>greek works everywhere
<rekado_>alextee[m]: ibus in Gnome also broke for me a while ago
<rekado_>when this happens it is often due to outdated caches
<rekado_>see also https://issues.guix.gnu.org/22707
<alextee[m]>i just deleted ~/.cache/ibus and ran ibus-setup but i still have the problem
<rekado_>since Gnome integrates more tightly with ibus now these steps might not be enough
<rekado_>I just removed the .config/ibus and .cache/ibus directories and could no longer see libpinyin offered in the list of input methods
<rekado_>had to do gnome-shell --replace to see it agani
<rekado_>*again
<rekado_>and there still seems to be extra state somewhere as I can’t configure the input method
<nckx>janneke: OK, it's not the ‘right’ place but it's probably helpful there. In the spirit of what I said yesterday 🙂
<nckx>Can't we make things like /etc/hosts immutable? Or does something count on changing it on the fly (and do we care)?
<rekado_>dconf dump / doesn’t show me anything that might be obviously wrong
<rekado_>I think we should have a dconf service that allows us to set arbitrary dconf keys
<civodul>rekado_: thanks for the patch review, embarrassingly you raise an important question :-)
<sneek>civodul, you have 1 message!
<sneek>civodul, efraim says: the pipeline passed https://gitlab.inria.fr/guix-hpc/guix-past/-/pipelines/154720
<civodul>tx, efraim!
<rekado_>hmm, GNOME control center tries to open /gnu/store/02kv5bfin9lxypbwi7d5v580piwsr8wm-ibus-libpinyin-1.11.1/libexec/ibus-setup-libpinyin, but that can’t be run
<rekado_>looks like it needs more environment variable wrappingh
<janneke>nckx: sorry, not the right place? remind me what said yesterday?
<nckx>No, it's good.
*nckx afk.
<civodul>efraim: perhaps you should add a news entry to Python 2.4 :-)
<janneke>mbakke: yeah, sure, you can edit /etc/hosts -- but most probably you don't want to do that?
<civodul>it's the only channel that'll give users news from a distant past
<bdju>where's the option to take a fullpage screenshot in icecat? it's a version missing the gcli where you could type commands, but I also don't see the screenshot button in any menus...
<bdju>i found this option set to false: devtools.command-button-screenshot.enabled
<bdju>though toggling it, I still can't find the button
<nckx>janneke: We don't document ‘this programme assumes unix, Guix System isn't terribly unix’ under (almost) every package, because it's a general property of Guix System. But if it could help someone, that's more important and I should let it go 😉 Really not worth the words I'm typing.
<janneke>mbakke: ah, but my wording is too strong, in a way, the "hosts" tool "works", albeit temporarily and is it not the preferred option
<nckx>bdju: extensions.screenshots.disabled instead.
*rekado_ found one of the problems with ibus-libpinyin
<nckx>bdju: It's disabled because you could host screenshots on Mozilla servers whatever, even though they were/will be shut down anyway.
<nckx>= ‘privacy’.
<bdju> https://developer.mozilla.org/en-US/docs/Tools/Taking_screenshots I went here and was reading it, saw the screenshot button was to be added to developer tools and not my right click menu or hamburger menu, and I'd already toggled the about:config thing, so then I found the camera button in developer tools and clicked that
<bdju>not sure what mozilla servers have to do with... I just wanted to save the full page as a screenshot to my downloads folder, which is what I did
<bdju>maybe they offered hosting somewhere, but I didn't even know that
<nckx>bdju: But that's a different thing.
<nckx>I'm talking about the item in the right-click-on-page context menu.
<janneke>nckx yeah...i dunno -- i wouldn't want to add disclaimers to a majority of our packages
<bdju>ah, yes, I think I want that. though I got my screenshot now via dev tools
<bdju>nckx: thanks for the extensions.foo tip, I got it in the context menu now. yay
<janneke>do we have packages that are even more useless, iow truly cannot work at all, under guix system?
<janneke>say, a fhs-compliency checker
<nckx>bdju: \o/ and I learnt that there are two screenshotters… for some reason.
<nckx>janneke: No idea.
<civodul>janneke: an FHS compliance checker would work, but it would say we don't pass the test :-)
<nckx>The problem is that it's so run-timey it would be hard to test automatically.
<janneke>hmmm, my give up
<janneke>i was really trying to be helpful, but it seems i'm failing terribly
<nckx>I still think /etc/hosts being editable at all (fail very late, i.e. ‘I rebooted after a month wait where's my hosts file’) is much worse a paper cut.
<nckx>If it fails immediately, frustration/confusion is lessened and people learn intuitively what's going on.
<nikita`>nckx: re gnu/linux license thing: i think it's the person who bought genioulinux.com or what it was and since then has been spaming manually, not even with bots, channels and websites about it
<mbakke>I like doing quick-and-dirty changes in /etc without a full reconfigure, but my workflow is probably not great
<nckx>nikita`: Wait, it's not just a old tired joke about GLAT? I didn't know that.
<mbakke>also, the file is read-only, which is already a warning sign
<nikita`>GLAT?
<janneke>nckx yes! i think my intention was to avoid nudging people the other way. hey, how would i change hosts? ah, there's a tool! that must be how it's done. month later...wtf?
<nikita`>i can't english today. what's the word.. geniou?
<nckx>mbakke: Is it a sign? At least ‘sudo nano /etc/hosts’ didn't warn me, I just noticed it now.
<nikita`>genuine?
<nckx>nikita`: https://notabug.org/GLAT, but the ‘Used in certain scams:’ was added recently. It was just a forgotten April fools' joke before that.
<nikita`>oh
<nckx>janneke: I see your point.
<mbakke>wowza, TIL nano does not warn when overwriting a read-only file
<nikita`>someone told me this spammer has been on it for a long time
<nikita`>from my irc logs: http://www.linuxgenuineadvantage.org/ " started as a joke but then his scammer took it over back in 2014ish, and have been manually spamming it since then, not even using a bot for it"
<nikita`>pretty sad :D
<nckx>That's just weird.
<nikita`>yeah!
<nckx>TIL, thanks.
<nckx>mbakke: I hardly ever use it but emacs can be ‘‘‘helpful’’’ sometimes so ‘sudo nano’ is a reflex for things I'm not 100% sure about.
<nckx>Which is to say, T we both L.
<mbakke>nckx: I filed a bug: https://savannah.gnu.org/bugs/index.php?58685 :-)
<nikita`>want to hear another weird thing? I had to talk to our secret service to report an targeted Ad of scientology recently. and I was super skeptic of their reply at first because it looked like it could be either a trojan, a weird messaging system or inability to use computers in an intuitive way. after using gimp to open it I had a good laugh because the Oberregierungsrat at the office had scanned in a letter
<nikita`>which had been printed and written on computer before
<nikita`>this is apparently rather common with courts and higher offices like verfassungsschutz etc
<nckx>nikita`: Is that due to obsolete legislation (‘a foo letter must be printed on blah blah paper to be valid’) or just… utter cluelessness?
<nckx>‘The answer will surprise you!’
<nikita`>someone told me it's cluelessness
<nikita`>source: she recently had reached out to many courts and offices over the last years and it's a pattern, not a regulation
<nikita`>other offices manage to send me emails just fine :D
<nikita`>i mean the reply of VfS was only a PDF. nothing more. no text.
<nikita`>the PDF was a norm letter with a case number etc
<nikita`>might go ahead next time and send them a letter about an Ad I have to report on Facebook.. maybe I get a letter back instead of a PDF. D:
<nckx>You fault for not owning a fax machine.
<nikita`>:D
<nikita`>i should stop procrastinating and finish the gsoc report
<nckx>And I should stop facilitating off-topic content. Good luck!
<nikita`>thanks
<nckx>mbakke: Oh, ta.
<nckx>I wonder if they'll consider it a bug.
<dissoc>what do #~ and #$ mean in guile? i've used it in writing services but dont really know
<dissoc>like (start #~(make-forkexec-constructor ...))
<NieDzejkob>dissoc: These are Guix's reader macros for G-Expressions
<NieDzejkob>I've found this talk explains them well: https://fosdem.org/2020/schedule/event/gexpressionsguile/
<mbakke>dissoc: those are guix-specific extensions to Guile that roughly maps to ` and , respectively
<NieDzejkob>my offloaded builds are failing with https://paste.debian.net/1154560/ , any ideas?
<mbakke>NieDzejkob: I've seen a similar error on Berlin once every blue moon: https://issues.guix.gnu.org/issue/41625
<mbakke>would be great to track it down, but haven't reproduced it on my own system
<NieDzejkob>it happens much more often on my system
<NieDzejkob>I've retried it a few times
<NieDzejkob>it might be a network issue
<NieDzejkob>I'm on Wi-Fi, after all...
<mbakke>I'm on wifi too, but a fairly stable and uncontended one
<NieDzejkob>I don't have that luxury :P
<nckx>Oh, I get a similar error (but with <#eof> formatting) constantly. Every 10 minutes or so. But only on one host, so I blamed it.
<walter[m]1>is there a recommended merge strategy for pulling into guix after adding package defs?
<walter[m]1>I added some packages go emacs-xyz and they all result in ugly merge conflicts that are annoying to disentangle
<nckx>It's hooked up over cat5 to a residential wi-fi router, so high kwalitee networking all around.
<walter[m]1>*to emacs-xyz
<cbaines>walter[m]1, did you add the packages to the bottom of the file?
<nckx>walter[m]1: First off, always rebase.
<nckx>And secondly, yeah, putting them (roughly) alphabetically in the file will help a lot.
<nckx>And the occasional (but rare) conflict is inevitable, you'll have to edit those by hand.
<walter[m]1>cbaines: I think they're at the bottom, yeah
<walter[m]1>nckx: alphabetical, gotcha
<cbaines>walter[m]1, as nckx says, I'd recommend against that. All it takes is someone else to have the same "I'll just add this at the end" idea, and you've got a conflict
<civodul>roptat: OPAM is source-only? or can "opam install" fetch pre-built binaries?
<nckx>walter[m]1: Well, alphabetical ‘enough’ since some files aren't sorted. Don't sweat it too much. But please don't add them randomly either.
<walter[m]1>I guess I was thinking I would sort them after merging, since there'd be new entries, but now I see why that's making conflicts
<NieDzejkob>heh. My patch for loud substitute* failures is having me learn some nice trivia about the bootstrap chain :)
<nckx>Ooh, this is going to be a gory core-updates merge 🙂
<NieDzejkob>well, it has to be done *someday*